Excellent! I wish I had run nslookup on the VCSA first thing when vCenter lost connection to my 2nd host which gave me weird errors trying to reconnect. I had found a 2nd A record with iDrac IP in my AD DNS. I removed it and verified everything else resolved to the correct IP but VCSA still stuck with trying to use the wrong IP!

After running this command, NSLookup verified the host now resolved to only the one IP.
I could have saved the trouble of regenerating the cert on the host, removing the host from vCenter and all other troubleshooting steps.